package com.cn.txx.web.shiro;

import com.cn.txx.dao.zydao.ModuleMapper;
import com.cn.txx.dao.zydao.RoleMapper;
import com.cn.txx.dao.zydao.UserMapper;
import com.cn.txx.entity.Module;
import com.cn.txx.entity.Role;
import com.cn.txx.entity.User;
import com.cn.txx.utils.Constants;
import com.sun.org.apache.regexp.internal.recompile;

import org.apache.log4j.Logger;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.*;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

/**
 * @program: ZyPrj
 * @Date: 2018/6/5 10:55
 * @Author: Mr.Tu
 * @Description:
 */								  
public class CustomRealm extends AuthorizingRealm {

	public static final Logger LOGGER = Logger.getLogger(CustomRealm.class);
	@Autowired
	private UserMapper userMapper;
	@Autowired
	private RoleMapper roleMapper;
	@Autowired
	private ModuleMapper moduleMapper;
	
	@Autowired
	private HttpServletRequest request;
	
	/**
	 * 授权
	 * @param principalCollection
	 * @return
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
		String userName = (String) principalCollection.getPrimaryPrincipal();
		//从数据库或缓存中获取角色数据
		Set<String> roles = getRolesByUser(userName);
		Map<String,Object> map = new HashMap<>(8);
		map.put("role",roles);
		map.put("tUid",userName);
		//从数据库获取权限数据
		Set<String> permissios = getPermissionByUser(map);

		SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
		simpleAuthorizationInfo.setStringPermissions(permissios);
		simpleAuthorizationInfo.setRoles(roles);
		return simpleAuthorizationInfo;
	}

	private Set<String> getPermissionByUser(Map<String,Object> map) {
		Set<String> set = new HashSet<>();
		LOGGER.debug("从数据库获取Permission权限信息");
		List<Module> modules = moduleMapper.selectByUser(map);

		for (Module module : modules){
			set.add(module.gettMid());
		}
		return set;
	}

	private Set<String> getRolesByUser(String userName) {
		Set<String> set = new HashSet<>();
		LOGGER.debug("从数据库获取Role权限信息");
		List<Role> roles = roleMapper.selectByUid(userName);
		for (Role role : roles){
			set.add(role.gettRid());
		}
		return set;
	}

	/**
	 * 认证
	 * @param authenticationToken 认证信息
	 * @return
	 * @throws AuthenticationException
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {

		//从主体传过来的认证信息获取用户名
		String username = (String)authenticationToken.getPrincipal();
		//通过用户名获取数据库凭证
		User user = getPwdByUsername(username);
		if(user == null){
			return null;
		}
		request.getSession().setAttribute(Constants.CURRENT_USER, user);
		SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(username,user.getT_PWD(),"customRealm");
		/*simpleAuthenticationInfo.setCredentialsSalt(ByteSource.Util.bytes(username)); // 加盐值*/
		return simpleAuthenticationInfo;
	}

	private User getPwdByUsername(String username) {
		return userMapper.selectByPrimaryKey(username);
	}
	
}
